Privacy Policy

Last updated: October 10, 2025

1. Introduction

AuRooms Guest House ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the General Data Protection Regulation (GDPR) and applicable Italian data protection laws.

Data Controller:
AuRooms Guest House
Piazza Pietro Venuti, 12
90045 Cinisi PA, Italy
Email: info@aurooms.it
Phone: +39 375 884 3175

2. Information We Collect

We collect the following personal information when you make a booking through our website:

  • Personal Identification: Full name
  • Contact Information: Email address and phone number
  • Booking Details: Check-in and check-out dates, number of guests, room type selection
  • Payment Information: Payment details processed securely through Stripe (we do not store credit card information)
  • Special Requests: Any additional information you provide (dietary requirements, accessibility needs, etc.)

3. How We Use Your Information

We use your personal data for the following purposes:

  • Booking Management: To process and confirm your reservation
  • Communication: To send booking confirmations, updates, and respond to your inquiries
  • Service Delivery: To prepare for your arrival and accommodate special requests
  • Payment Processing: To securely process payments through our payment provider, Stripe
  • Legal Compliance: To comply with Italian hospitality regulations and tax requirements
  • Service Improvement: To analyze and improve our services (anonymized data only)

4. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing is necessary to fulfill our booking contract with you
  • Legal Obligation: We are required to maintain guest records for Italian tax and hospitality regulations
  • Legitimate Interest: To improve our services and prevent fraud
  • Consent: For marketing communications (where applicable and with your explicit consent)

5. Data Sharing and Third Parties

We do not sell or rent your personal information. We share your data only with:

  • Payment Processor: Stripe Inc. for secure payment processing (GDPR compliant)
  • Email Service: Resend for sending booking confirmations (GDPR compliant)
  • Database Provider: Neon Database for secure data storage (GDPR compliant, EU servers)
  • Legal Authorities: When required by Italian law or legal process

All third-party service providers are contractually bound to protect your data and use it only for the specified purposes.

6. Data Storage and Security

Storage Location: Your data is stored on secure servers within the European Union (EU).

Retention Period: We retain your personal data for:

  • Active bookings: Until completion of your stay plus 30 days
  • Historical bookings: Up to 10 years for tax and legal compliance as required by Italian law
  • Marketing data: Until you withdraw consent or request deletion

Security Measures: We implement industry-standard security measures including:

  • SSL/TLS encryption for data transmission
  • Encrypted database storage
  • Secure payment processing (PCI DSS compliant via Stripe)
  • Access controls and authentication
  • Regular security updates and monitoring

7. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your data (subject to legal retention requirements)
  • Right to Restriction: Request limitation of processing in certain circumstances
  • Right to Data Portability: Receive your data in a structured, commonly used format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for marketing communications at any time
  • Right to Lodge a Complaint: File a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali)

To exercise your rights, contact us at:
Email: info@aurooms.it
WhatsApp: +39 375 884 3175
Mail: Piazza Pietro Venuti, 12, 90045 Cinisi PA, Italy

We will respond to your request within 30 days as required by GDPR.

8. Cookies and Tracking

Our website uses cookies to provide essential functionality and improve your experience. When you first visit our site, you can choose which cookies to accept through our cookie banner.

Types of Cookies We Use:

🔒 Essential Cookies (Always Active)

These cookies are strictly necessary for the website to function and cannot be disabled:

  • Session Management: Keep you logged into the booking system
  • Payment Security: Stripe cookies for secure payment processing (PCI DSS compliant)
  • Cookie Preferences: Remember your cookie choices
  • Security: Prevent fraud and ensure site security

📊 Analytics Cookies (Optional)

Help us understand how visitors use our site to improve user experience:

  • Vercel Analytics: Anonymized traffic and performance data
  • Vercel Speed Insights: Page load times and performance metrics
  • Google Search Console: Search performance and indexing data
  • Bing Webmaster Tools: Search visibility and site health monitoring

These tools do not identify you personally and use anonymized data. You can opt-out at any time.

🎯 Marketing Cookies (Currently Not Used)

We currently do not use any advertising or marketing cookies. If this changes in the future, we will ask for your explicit consent.

Managing Your Cookie Preferences:

  • Cookie Banner: You can change your preferences anytime by clicking the cookie icon in the footer
  • Browser Settings: You can block or delete cookies through your browser settings, but this may affect site functionality
  • Do Not Track: We respect browser Do Not Track signals for analytics cookies

Third-Party Cookies: Our payment processor Stripe may set cookies necessary for secure transactions. These are essential for payment processing and fraud prevention.

9. No User Accounts or Authentication

Our website does not require user registration or login. We do not create user accounts or store passwords. Each booking is processed independently, and your data is collected only at the time of reservation.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe we have collected data about a child, please contact us immediately.

11. International Data Transfers

Your data is primarily stored and processed within the European Union. In cases where data is transferred to third-party services outside the EU (such as Stripe's US operations), appropriate safeguards are in place including Standard Contractual Clauses (SCCs) approved by the European Commission.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The "Last updated" date at the top of this page indicates when the policy was last revised. We encourage you to review this policy periodically.

13. Contact Us

If you have questions about this Privacy Policy or how we handle your personal data, please contact us:

AuRooms Guest House
Piazza Pietro Venuti, 12
90045 Cinisi PA, Italy

Email: info@aurooms.it
WhatsApp: +39 375 884 3175
Phone: +39 375 884 3175

14. Data Protection Authority

If you have concerns about our data processing practices and are not satisfied with our response, you have the right to lodge a complaint with the Italian Data Protection Authority:

Garante per la protezione dei dati personali
Piazza Venezia, 11
00187 Roma, Italy
Website: www.garanteprivacy.it